From f81d36bd169ff1c3f7a42924a1d6de355d0f3b90 Mon Sep 17 00:00:00 2001
From: Louis Maillard <louis.maillard@savoirfairelinux.com>
Date: Tue, 23 Jul 2024 14:38:28 -0400
Subject: [PATCH] doc: add comments in config files to help users

Adding comment in config file help users to edit it without having to
keep documentation opened on side.

Change-Id: If58dd43dd6c5ac5dbb4209881fb4c14bd0d88e78
---
 extras/packaging/gnu-linux/debian/postinst | 40 ++++++++++++++++------
 tools/dhtnet_crtmgr/main.cpp               | 19 +++++-----
 tools/dnc/dnc.yaml                         | 40 +++++++++++++++++++---
 tools/dsh/dsh.yaml                         | 32 +++++++++++++++--
 tools/dvpn/dvpn.yaml                       | 25 ++++++++++++--
 5 files changed, 126 insertions(+), 30 deletions(-)

diff --git a/extras/packaging/gnu-linux/debian/postinst b/extras/packaging/gnu-linux/debian/postinst
index 629cb2b8..33a7e8e1 100644
--- a/extras/packaging/gnu-linux/debian/postinst
+++ b/extras/packaging/gnu-linux/debian/postinst
@@ -41,17 +41,35 @@ configure_yaml() {
         sed -i 's/^#certificate:.*$/certificate: \"\/etc\/dhtnet\/id\/id-server.crt\"/' /etc/dhtnet/dnc.yaml
         sed -i 's/^#privateKey:.*$/privateKey: \"\/etc\/dhtnet\/id\/id-server.pem\"/' /etc/dhtnet/dnc.yaml
     else
-        echo "bootstrap: \"bootstrap.jami.net\"" > /etc/dhtnet/dnc.yaml
-        echo "turn_host: \"turn.jami.net\"" > /etc/dhtnet/dnc.yaml
-        echo "turn_user: \"ring\"" > /etc/dhtnet/dnc.yaml
-        echo "turn_pass: \"ring\"" > /etc/dhtnet/dnc.yaml
-        echo "turn_realm: \"ring\"" > /etc/dhtnet/dnc.yaml
-        echo "port: 22" > /etc/dhtnet/dnc.yaml
-        echo "ip: \"127.0.0.1\"" > /etc/dhtnet/dnc.yaml
-        echo "certificate: \"/etc/dhtnet/id/id-server.crt\"" > /etc/dhtnet/dnc.yaml
-        echo "privateKey: \"/etc/dhtnet/id/id-server.pem\"" > /etc/dhtnet/dnc.yaml
-        echo "anonymous: false" > /etc/dhtnet/dnc.yaml
-        echo "verbose: false" > /etc/dhtnet/dnc.yaml
+        {
+            echo "# The bootstrap node serves as the entry point to the DHT network."
+            echo "# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only."
+            echo "# For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network."
+            echo "# Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping"
+            echo "bootstrap: \"bootstrap.jami.net\""
+            echo ""
+            echo "# TURN server is used as a fallback for connections if the NAT block all possible connections."
+            echo "# By default is turn.jami.net (which uses coturn) but can be any TURN."
+            echo "# Developer must set up their own TURN server."
+            echo "# Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html"
+            echo "turn_host: \"turn.jami.net\""
+            echo "turn_user: \"ring\""
+            echo "turn_pass: \"ring\""
+            echo "turn_realm: \"ring\""
+            echo ""
+            echo "# When verbose is set to true, the server logs all incoming connections"
+            echo "verbose: false"
+            echo ""
+            echo "# On server, identities are saved in /etc/dhtnet/id/"
+            echo "certificate: \"/etc/dhtnet/id/id-server.crt\""
+            echo "privateKey: \"/etc/dhtnet/id/id-server.pem\""
+            echo ""
+            echo "# When anonymous is set to true, the server accepts any connection without checking CA"
+            echo "# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server"
+            echo "anonymous: false"
+            echo ""
+            echo ""
+        } > /etc/dhtnet/dnc.yaml
     fi
 }
 
diff --git a/tools/dhtnet_crtmgr/main.cpp b/tools/dhtnet_crtmgr/main.cpp
index 5386c784..a44d68c9 100644
--- a/tools/dhtnet_crtmgr/main.cpp
+++ b/tools/dhtnet_crtmgr/main.cpp
@@ -118,23 +118,24 @@ int create_yaml_config(std::filesystem::path file, std::filesystem::path certifi
         yaml_file << "turn_user: \"ring\"\n";
         yaml_file << "turn_pass: \"ring\"\n";
         yaml_file << "turn_realm: \"ring\"\n";
-        if (is_client) {
-            yaml_file << "\n# When dnc server receives connexions, it forwards them to service at specified IP:port requested by client\n";
-            yaml_file << "# By default, it forwards them to SSH server running on localhost at port 22\n";
-            yaml_file << "ip: \"127.0.0.1\"\n";
-            yaml_file << "port: 22\n";
-        }
+
+        yaml_file << "\n# When verbose is set to true, the server logs all incoming connections\n";
+        yaml_file << "verbose: false\n";
+
         yaml_file << "\n# On server, identities are saved in /etc/dhtnet/id/\n";
         yaml_file << "# On client, they are generaly saved in ~/.dnc/\n";
         yaml_file << "certificate: " << certificate << "\n";
         yaml_file << "privateKey: " << privateKey << "\n";
-        if (!is_client) {
+        if (is_client) {
+            yaml_file << "\n# When dnc server receives connexions, it forwards them to service at specified IP:port requested by CLIENT\n";
+            yaml_file << "# By default, it forwards them to SSH server running on localhost at port 22\n";
+            yaml_file << "ip: \"127.0.0.1\"\n";
+            yaml_file << "port: 22\n";
+        } else {
             yaml_file << "\n# When anonymous is set to true, the server accepts any connection without checking CA\n";
             yaml_file << "# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server\n";
             yaml_file << "anonymous: false\n";
         }
-        yaml_file << "\n# When verbose is set to true, the server logs all incoming connections\n";
-        yaml_file << "verbose: false\n";
         yaml_file.close();
         fmt::print("Configuration file created in {}\n", file);
     } else {
diff --git a/tools/dnc/dnc.yaml b/tools/dnc/dnc.yaml
index 661ecc56..412ab08e 100644
--- a/tools/dnc/dnc.yaml
+++ b/tools/dnc/dnc.yaml
@@ -1,11 +1,41 @@
+# The bootstrap node serves as the entry point to the DHT network.
+# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.
+# For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.
+# Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping
 bootstrap: "bootstrap.jami.net"
+
+# TURN server is used as a fallback for connections if the NAT block all possible connections.
+# By default is turn.jami.net (which uses coturn) but can be any TURN.
+# Developer must set up their own TURN server.
+# Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html
 turn_host: "turn.jami.net"
 turn_user: "ring"
 turn_pass: "ring"
 turn_realm: "ring"
-port: 22
+
+# When verbose is set to true, the server logs all incoming connections
+verbose: false
+
+# On server, identities are saved in /etc/dhtnet/id/
+# On client, identities are saved in ~/.dnc/
+#certificate: "to/your/certificate.crt"
+#privateKey: "to/your/privatekey.pem"
+
+
+##########################
+### For Client Use Only ##
+##########################
+
+# When dnc server receives connexions, it forwards them to service at specified IP:port requested by CLIENT.
+# By default, it forwards them to SSH server running on localhost at port 22
 ip: "127.0.0.1"
-# certificate: "to/your/certificate.crt"
-# privateKey: "to/your/privatekey.pem"
-anonymous: true
-verbose: false
\ No newline at end of file
+port: 22
+
+##########################
+### For Server Use Only ##
+##########################
+
+# When anonymous is set to true, the server accepts any connection without checking CA
+# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server
+anonymous: false
+
diff --git a/tools/dsh/dsh.yaml b/tools/dsh/dsh.yaml
index 1e236495..3241ebfc 100644
--- a/tools/dsh/dsh.yaml
+++ b/tools/dsh/dsh.yaml
@@ -1,9 +1,37 @@
+# The bootstrap node serves as the entry point to the DHT network.
+# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.
+# For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.
+# Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping
 bootstrap: "bootstrap.jami.net"
+
+# TURN server is used as a fallback for connections if the NAT block all possible connections.
+# By default is turn.jami.net (which uses coturn) but can be any TURN.
+# Developer must set up their own TURN server.
+# Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html
 turn_host: "turn.jami.net"
 turn_user: "ring"
 turn_pass: "ring"
 turn_realm: "ring"
+
+# On server, identities are saved in /etc/dhtnet/id/
+# On client, they are generaly saved in ~/.dnc/
+#certificate: "to/your/certificate.crt"
+#privateKey: "to/your/privatekey.pem"
+
+
+##########################
+### For Client Use Only ##
+##########################
+
+# When dsh server receives connexions, it run the specified binary requested by client
 binary: "bash"
-# certificate: "/path/to/ca"
-# privateKey: "/path/to/privateKey"
+
+
+##########################
+### For Server Use Only ##
+##########################
+
+# When anonymous is set to true, the server accepts any connection without checking CA
+# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server
 anonymous: false
+
diff --git a/tools/dvpn/dvpn.yaml b/tools/dvpn/dvpn.yaml
index 5a3b155f..7df7f534 100644
--- a/tools/dvpn/dvpn.yaml
+++ b/tools/dvpn/dvpn.yaml
@@ -1,9 +1,28 @@
+# The bootstrap node serves as the entry point to the DHT network.
+# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.
+# For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.
+# Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping
 bootstrap: "bootstrap.jami.net"
+
+# TURN server is used as a fallback for connections if the NAT block all possible connections.
+# By default is turn.jami.net (which uses coturn) but can be any TURN.
+# Developer must set up their own TURN server.
+# Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html
 turn_host: "turn.jami.net"
 turn_user: "ring"
 turn_pass: "ring"
 turn_realm: "ring"
-# configuration_file: "HOME/dhtnet/tools/dvpn/dvpn.yaml" # Change this to the path of the dvpn.yaml file
-# certificate: /path/to/certificate
-# privateKey: /path/to/privateKey
+
+# On server, identities are saved in /etc/dhtnet/id/
+# On client, they are generaly saved in ~/.dnc/
+#certificate: "to/your/certificate.crt"
+#privateKey: "to/your/privatekey.pem"
+
+
+##########################
+### For Server Use Only ##
+##########################
+
+# When anonymous is set to true, the server accepts any connection without checking CA
+# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server
 anonymous: false
\ No newline at end of file